Hardened mobile

Trusting the computer that follows you around all day


The mobile twin to hardened desktop OSes.

This Japanese miniaturised mobile device sets the standard in hardened personal computing.

Reducing the amount of spyware on your phone through better accountability.

(Securing the apps is a whole ’nother layer atop that.)

Side question: How secure are minimal environments like KaiOS?

Tracking market prices for vulnerabilities is one option here for evaluating risk.

Basic android securing

Which Android phones do not leave gaping unpatched security holes? tl;dr: Google, LG, then everyone else.

  • 🏗 google tracking android devices

The hypothetical grugq phone is a hardened android variant.

Open-ish hardware: Librem

An alternative route is the Purism Librem 5, which is essentially a little Linux laptop that happens to be a phone. It runs PureOS, a hardened Debian variant which is a full desktop OS. Essentially this means you get all the resources and tools of the Open Source community’s auditing and development, and also all the horror of the Open Source community’s terrible UX track record, wrapped up in one device of unspecified battery life. It looks kind of fun, in a stubborn hobbyist kind of way. I wonder how secure this phone truly is on hostile networks. For sure its configuration is screamingly weird enough that generic attacks are unlikely to work.

Ultra-open auditable hardware

Precursor is a trusted-computing mobile device with endorsement by Bunnie Huang. It has an intriguing introduction to trustable hardware.

Blackphone

Mobile: Blackphone is a whole secure mobile device? Is that project still alive?

App selection

It is not clear which apps are safe. For example, TikTok is not.

The same fingerprinting script and cookie are used on ByteDance’s news site Toutiao. So: If someone shares a video, ByteDance can

  1. tie the recipients of the video to the sender
  2. track recipients subsequently on TikTok and Toutiao even if cookies are deleted.